Free TryHackMe Access
If youโre unable to purchase a personal voucher, you can use the following account for learning purposes:
TryHackMe Premium Account
Email: [email protected]
Password: pasderemarque@123
Please use the account responsiblyโdo not change or delete any settings or information.
If youโre unable to purchase a personal voucher, you can use the following account for learning purposes:
TryHackMe Premium Account
Email: [email protected]
Password: pasderemarque@123
Please use the account responsiblyโdo not change or delete any settings or information.
โค86๐11๐ฅ2
Please open Telegram to view this post
VIEW IN TELEGRAM
Teachable
Windows Api Security Professional
โค3
Brut Security
First Review
XSS from javascript hidden params
assetfinder *.com | gau | egrep -v '(.css|.svg)' | while read url; do vars=$(curl -s $url | grep -Eo "var [a-zA-Z0-9]+" | sed -e 's,'var','"$url"?',g' -e 's/ //g' | grep -v '.js' | sed 's/.*/&=xss/g'); echo -e "\e[1;33m$url\n\e[1;32m$vars"
2๐ฅ19๐3โค2
This media is not supported in your browser
VIEW IN TELEGRAM
๐ฅ6๐ฟ3๐ณ2โค1
- Register An account with email [email protected] on the target
- navigate to support section and see if there are any emails converted into support tickets
credit - NinadMishra
#bugbountytips
- navigate to support section and see if there are any emails converted into support tickets
credit - NinadMishra
#bugbountytips
๐ณ9๐3
Offsec has been acquired by an private equity.
https://www.prnewswire.com/news-releases/leeds-equity-partners-acquires-offsec-302275836.html
https://www.prnewswire.com/news-releases/leeds-equity-partners-acquires-offsec-302275836.html
PR Newswire
Leeds Equity Partners Acquires OffSec
/PRNewswire/ -- Leeds Equity Partners ("Leeds Equity") announced today that it has acquired OffSec (the "Company"), the leading provider of continuous...
๐งโ๐ปCloakQuest3r - Uncover the true IP address of websites safeguarded by Cloudflare & Others
https://github.com/spyboy-productions/CloakQuest3r
https://github.com/spyboy-productions/CloakQuest3r
2๐ฅ12๐3
Argus is an all-in-one information gathering tool crafted for ethical hackers and cybersecurity experts. It seamlessly integrates network analysis, web exploration, and threat detection, all in a sleek and intuitive interface. Argus turns complex reconnaissance into an art of simplicity.
---
Please open Telegram to view this post
VIEW IN TELEGRAM
GitHub
GitHub - jasonxtn/Argus: The Ultimate Information Gathering Toolkit
The Ultimate Information Gathering Toolkit. Contribute to jasonxtn/Argus development by creating an account on GitHub.
๐7
CVE-2024-9634: RCE in GiveWP WordPress Plugin, 9.8 rating ๐ฅ
Another one critical vulnerability in GiveWP. This time, attackers can inject PHP code using one parameter.
Search at Netlas.io:
๐ Link: https://nt.ls/9tUYx
๐ Dork: http.body:"plugins/give/assets/dist"
Read more: https://github.com/advisories/GHSA-6fx6-wrpf-cpgv
Another one critical vulnerability in GiveWP. This time, attackers can inject PHP code using one parameter.
Search at Netlas.io:
๐ Link: https://nt.ls/9tUYx
๐ Dork: http.body:"plugins/give/assets/dist"
Read more: https://github.com/advisories/GHSA-6fx6-wrpf-cpgv
๐5โค3
POC for CVE-2024-4577 PHP CGI Argument Injection ๐ฅ ๐ฅ ๐ฅ
Nuclei Template: https://github.com/11whoami99/CVE-2024-4577/blob/main/CVE-2024-4577.yaml
Nuclei Template: https://github.com/11whoami99/CVE-2024-4577/blob/main/CVE-2024-4577.yaml
1โค9๐2
Here are few Good GraphQl report to learn more about it.
1. hackerone.com/reports/2048725
2. hackerone.com/reports/2524939
3. hackerone.com/reports/2357012
4. hackerone.com/reports/2122671
5. hackerone.com/reports/2207248
6. hackerone.com/reports/1864188
7. hackerone.com/reports/1085332
8. hackerone.com/reports/1084904
9. hackerone.com/reports/1293377
10. hackerone.com/reports/1192460
1. hackerone.com/reports/2048725
2. hackerone.com/reports/2524939
3. hackerone.com/reports/2357012
4. hackerone.com/reports/2122671
5. hackerone.com/reports/2207248
6. hackerone.com/reports/1864188
7. hackerone.com/reports/1085332
8. hackerone.com/reports/1084904
9. hackerone.com/reports/1293377
10. hackerone.com/reports/1192460
HackerOne
Sorare disclosed on HackerOne: Circular based introspetion Query...
## Summary:
Hi Team, Hope you are doing great Sorare graphql Api has introspection enabled by default as per the policy it's meant to be public so they can facilitate their users with Graphql...
Hi Team, Hope you are doing great Sorare graphql Api has introspection enabled by default as per the policy it's meant to be public so they can facilitate their users with Graphql...
๐6โค3
Subdomain Takeover POC :
subfinder -d domain | httpx -silent > subdomains.txt ; nuclei -t /root/nuclei-templates/http/takeovers -l subdomains.txt
๐8โค1
80% bug bounties is about understanding the application/framework/protocol and (knowing about what exactly are you doing or if it's actually worth doing)
๐29๐ฅ4๐ฟ3โค1
CVE-2024-20329: Improper Neutralization of Command Delimiters in Cisco ASA, 9.9 rating ๐ฅ๐ฅ๐ฅ
The vulnerability allows an attacker with low privileges to remotely execute commands via SSH and thus gain full control of the system.
More then 140k instances at Netlas.io:
๐ Link: https://nt.ls/Rfjme
๐ Dork: http.body:"/+CSCOE+/logon.html"
Vendor's advisory: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ssh-rce-gRAuPEUF
The vulnerability allows an attacker with low privileges to remotely execute commands via SSH and thus gain full control of the system.
More then 140k instances at Netlas.io:
๐ Link: https://nt.ls/Rfjme
๐ Dork: http.body:"/+CSCOE+/logon.html"
Vendor's advisory: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ssh-rce-gRAuPEUF
โค3๐ฟ2๐1